- Joined: 28 Jun 2008
- Posts: 61
ComboFix 08-08-30.03 - Hum 2008-08-31 22:28:07. - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1250.1.1033.18.2570 [GMT 2:00]
Running from: C:\Documents and Settings\Hum\My Documents\ComboFix.exe
* Created a new restore point
* Resident AV is active
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Hum\Application Data\macromedia\Flash Player\#SharedObjects\7UD3BAGF\bin.clearspring.com
C:\Documents and Settings\Hum\Application Data\macromedia\Flash Player\#SharedObjects\7UD3BAGF\bin.clearspring.com\clearspring.sol
C:\Documents and Settings\Hum\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#bin.clearspring.com
C:\Documents and Settings\Hum\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#bin.clearspring.com\settings.sol
C:\Documents and Settings\Hum\Cookies\hum@ad.yieldmanager[2].txt
C:\Program Files\RichVideoCodec
C:\WINDOWS\system32\x64
.
((((((((((((((((((((((((( Files Created from 2008-07-28 to 2008-08-31 )))))))))))))))))))))))))))))))
.
2008-08-29 10:57 . 2008-08-29 10:58 <DIR> d-------- C:\Program Files\Virtual Earth 3D
2008-08-22 18:33 . 2008-04-14 05:42 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-08-22 01:14 . 2008-08-22 01:14 <DIR> d-------- C:\WINDOWS\Sun
2008-08-17 12:22 . 2008-08-17 12:22 <DIR> d-------- C:\Program Files\KONAMI
2008-08-09 04:07 . 2008-08-09 04:07 268 --ah----- C:\sqmdata00.sqm
2008-08-09 04:07 . 2008-08-09 04:07 244 --ah----- C:\sqmnoopt00.sqm
2008-08-08 14:22 . 2008-08-08 17:54 <DIR> d-------- C:\Documents and Settings\Hum\Application Data\temp
2008-08-08 13:57 . 2008-08-08 13:57 <DIR> d-------- C:\Programme
2008-08-08 11:15 . 2008-08-23 12:31 <DIR> d-------- C:\Program Files\EA SPORTS
2008-08-08 11:14 . 2008-08-08 11:14 <DIR> d-------- C:\Program Files\Soccerland2001
2008-08-08 11:14 . 1999-06-04 13:25 290,816 --a------ C:\WINDOWS\system32\SWFlash.ocx
2008-08-08 11:13 . 2008-08-08 11:13 <DIR> d-------- C:\Documents and Settings\Hum\WINDOWS
2008-08-08 11:13 . 1999-03-23 09:12 299,520 --a------ C:\WINDOWS\uninst.exe
2008-08-08 10:50 . 2003-11-03 14:28 40,960 --a------ C:\WINDOWS\system32\ctlLabel.ocx
2008-08-08 10:49 . 2008-08-08 10:50 <DIR> d-------- C:\Program Files\World Basketball Manager 2008
2008-08-08 10:49 . 2008-06-13 13:05 272,128 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-08-08 10:49 . 2008-06-13 13:05 272,128 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-08-08 02:47 . 2008-08-15 01:21 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-08-08 02:27 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-08-08 02:27 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2008-08-08 02:27 . 2007-07-30 19:19 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-08-07 17:23 . 2008-08-07 17:23 <DIR> d-------- C:\Program Files\Codemasters
2008-08-07 16:35 . 2008-08-07 16:35 <DIR> d-------- C:\Program Files\SEGA
2008-08-07 16:25 . 2008-08-07 16:25 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\InstallShield
2008-08-07 16:24 . 2005-05-26 15:34 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2008-08-07 16:23 . 2008-08-07 16:23 <DIR> d-------- C:\WINDOWS\system32\AGEIA
2008-08-07 16:23 . 2008-08-07 16:23 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-08-07 16:23 . 2008-08-07 16:23 <DIR> d-------- C:\Program Files\AGEIA Technologies
2008-08-07 16:23 . 2008-08-07 16:23 278,728 --a------ C:\WINDOWS\system32\drivers\atksgt.sys
2008-08-07 16:23 . 2008-08-07 16:23 25,416 --a------ C:\WINDOWS\system32\drivers\lirsgt.sys
2008-08-07 16:19 . 2008-08-07 16:19 <DIR> d-------- C:\Program Files\The Adventure Company
2008-08-07 16:19 . 2008-08-07 17:23 <DIR> d--h----- C:\Program Files\InstallShield Installation Information
2008-08-07 16:19 . 2008-08-07 16:19 <DIR> d-------- C:\Program Files\Common Files\InstallShield
2008-08-07 16:19 . 2004-08-09 05:04 73,728 --a------ C:\WINDOWS\system32\ISUSPM.cpl
2008-08-07 16:18 . 2008-08-07 16:18 69 --a------ C:\WINDOWS\NeroDigital.ini
2008-07-26 23:38 . 2008-07-26 23:38 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Adobe Systems
2008-07-26 23:34 . 2008-07-26 23:34 <DIR> d-------- C:\Program Files\Common Files\Adobe Systems Shared
2008-07-25 19:41 . 2008-07-26 11:01 <DIR> d-------- C:\Documents and Settings\Hum\Contacts
2008-07-25 19:40 . 2008-07-25 19:41 <DIR> d-------- C:\Program Files\Windows Live
2008-07-25 19:40 . 2008-07-25 19:40 <DIR> d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller
2008-07-25 19:40 . 2008-07-25 19:40 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-07-25 19:37 . 2007-07-30 19:19 43,352 --a------ C:\WINDOWS\system32\wups2.dll
2008-07-25 19:37 . 2007-07-30 19:18 34,136 --a------ C:\WINDOWS\system32\wucltui.dll.mui
2008-07-25 19:36 . 2008-07-25 19:36 <DIR> d---s---- C:\Documents and Settings\Hum\UserData
2008-07-25 19:36 . 2007-07-30 19:19 25,944 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui
2008-07-25 19:36 . 2007-07-30 19:19 25,944 --a------ C:\WINDOWS\system32\wuapi.dll.mui
2008-07-25 19:36 . 2007-07-30 19:18 20,312 --a------ C:\WINDOWS\system32\wuaueng.dll.mui
2008-07-25 13:56 . 2008-07-25 13:56 <DIR> d-------- C:\Program Files\MSN Toolbar
2008-07-25 10:11 . 2001-08-17 13:56 7,552 --a------ C:\WINDOWS\system32\drivers\SONYPVU1.SYS
2008-07-25 10:11 . 2001-08-17 13:56 7,552 --a--c--- C:\WINDOWS\system32\dllcache\sonypvu1.sys
2008-07-25 10:00 . 2008-08-31 18:22 <DIR> d-------- C:\Documents and Settings\Hum\Application Data\skypePM
2008-07-25 10:00 . 2008-07-25 10:00 32 --a------ C:\Documents and Settings\All Users\Application Data\ezsid.dat
2008-07-24 10:09 . 2008-08-31 22:34 <DIR> d-------- C:\Documents and Settings\Hum\Application Data\Skype
2008-07-24 10:08 . 2008-07-24 10:08 <DIR> d-------- C:\Program Files\Skype
2008-07-24 10:08 . 2008-07-24 10:09 <DIR> d-------- C:\Program Files\Google
2008-07-24 10:08 . 2008-07-24 10:08 <DIR> d-------- C:\Program Files\Common Files\Skype
2008-07-24 10:08 . 2008-07-24 10:08 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Skype
2008-07-23 17:37 . 2008-07-23 17:56 <DIR> d-------- C:\Documents and Settings\Hum\Application Data\VoipCheapCom
2008-07-23 17:36 . 2008-07-23 18:02 <DIR> d-------- C:\Program Files\VoipCheapCom
2008-07-19 16:24 . 2008-04-14 00:15 10,368 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
2008-07-19 16:24 . 2008-04-14 00:15 10,368 --a--c--- C:\WINDOWS\system32\dllcache\hidusb.sys
2008-07-19 14:22 . 2008-07-19 14:22 <DIR> d-------- C:\Documents and Settings\Hum\Application Data\Sports Interactive
2008-07-19 14:07 . 2008-07-19 14:07 <DIR> dr-h----- C:\Documents and Settings\Hum\Application Data\SecuROM
2008-07-19 14:07 . 2008-07-19 14:07 107,888 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2008-07-19 13:53 . 2008-07-19 14:06 <DIR> d--h----- C:\Program Files\Zero G Registry
2008-07-19 13:53 . 2008-07-19 13:53 <DIR> d-------- C:\Program Files\Sports Interactive
2008-07-19 13:52 . 2008-07-19 13:52 <DIR> d--h----- C:\Documents and Settings\Hum\InstallAnywhere
2008-07-19 13:28 . 2008-07-19 13:28 223,128 --a------ C:\WINDOWS\system32\drivers\vaxscsi.sys
2008-07-19 13:25 . 2008-07-19 13:25 642,560 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-07-19 13:25 . 2008-07-19 13:25 96,384 --a------ C:\WINDOWS\system32\drivers\sptd8445.sys
2008-07-19 10:15 . 2008-08-31 22:32 81,984 --a------ C:\WINDOWS\system32\bdod.bin
2008-07-19 10:14 . 2008-08-31 22:32 121 --a------ C:\WINDOWS\bdagent.INI
2008-07-19 10:11 . 2008-07-19 10:11 <DIR> d-------- C:\Documents and Settings\Hum\Application Data\BitDefender
2008-07-19 10:10 . 2008-07-19 10:10 <DIR> d-------- C:\Program Files\Common Files\BitDefender
2008-07-19 10:10 . 2008-07-19 10:11 <DIR> d-------- C:\Program Files\BitDefender
2008-07-19 10:10 . 2008-07-19 10:11 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
2008-07-19 10:09 . 2008-07-19 10:09 <DIR> d-------- C:\Program Files\Webteh
2008-07-19 10:09 . 2008-08-29 21:28 <DIR> d-------- C:\Documents and Settings\Hum\Application Data\BSplayer PRO
2008-07-19 10:09 . 2007-04-09 13:23 28,040 --a------ C:\WINDOWS\system32\mdimon.dll
2008-07-19 10:09 . 2008-07-19 10:09 394 --a------ C:\WINDOWS\ODBC.INI
2008-07-19 10:08 . 2008-07-19 10:08 <DIR> d-------- C:\WINDOWS\SHELLNEW
2008-07-19 10:08 . 2008-07-19 10:08 <DIR> d-------- C:\Program Files\Microsoft.NET
2008-07-19 10:01 . 2008-07-19 10:01 <DIR> d-------- C:\Program Files\MSBuild
2008-07-19 09:59 . 2008-07-19 09:59 <DIR> d-------- C:\WINDOWS\system32\XPSViewer
2008-07-19 09:58 . 2008-07-19 09:58 <DIR> d-------- C:\Program Files\Reference Assemblies
2008-07-19 09:58 . 2006-06-29 13:07 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-07-19 09:58 . 2006-06-29 13:07 14,048 --------- C:\WINDOWS\system32\spmsg2.dll
2008-07-19 09:53 . 2008-07-26 23:34 <DIR> d-------- C:\Program Files\Common Files\Adobe
2008-07-19 09:53 . 2008-07-19 09:53 <DIR> d-------- C:\Documents and Settings\Hum\Application Data\Ahead
2008-07-19 09:52 . 2008-07-19 09:52 <DIR> d-------- C:\Program Files\Nero
2008-07-19 09:52 . 2008-07-19 09:53 <DIR> d-------- C:\Program Files\Common Files\Ahead
2008-07-19 09:51 . 2008-07-19 09:51 <DIR> d-------- C:\Program Files\Java
2008-07-19 09:51 . 2008-07-19 09:51 <DIR> d-------- C:\Program Files\Common Files\Java
2008-07-19 09:51 . 2008-02-22 02:33 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-07-19 09:50 . 2008-07-19 09:50 <DIR> d-------- C:\Program Files\K-Lite Codec Pack
2008-07-19 09:47 . 2008-04-14 00:15 26,368 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys
2008-07-19 09:08 . 2008-07-19 09:08 <DIR> d-------- C:\Documents and Settings\Hum\Bluetooth Software
2008-07-19 09:08 . 2008-04-14 05:41 21,504 --a------ C:\WINDOWS\system32\hidserv.dll
2008-07-19 09:08 . 2008-04-14 05:41 21,504 --a--c--- C:\WINDOWS\system32\dllcache\hidserv.dll
2008-07-19 09:08 . 2001-08-17 13:48 12,160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2008-07-19 09:08 . 2001-08-17 13:48 12,160 --a--c--- C:\WINDOWS\system32\dllcache\mouhid.sys
2008-07-19 09:07 . 2008-07-19 09:07 <DIR> d-------- C:\Program Files\WIDCOMM
2008-07-19 09:07 . 2007-07-25 03:41 876,384 --a------ C:\WINDOWS\system32\drivers\btkrnl.sys
2008-07-19 09:07 . 2007-07-25 03:41 539,072 --a------ C:\WINDOWS\system32\drivers\btaudio.sys
2008-07-19 09:07 . 2007-07-25 03:41 149,123 --a------ C:\WINDOWS\system32\drivers\btwdndis.sys
2008-07-19 09:07 . 2007-07-25 03:41 106,557 --a------ C:\WINDOWS\system32\btw_ci.dll
2008-07-19 09:07 . 2007-07-25 03:41 67,960 --a------ C:\WINDOWS\system32\drivers\btwusb.sys
2008-07-19 09:07 . 2007-07-25 03:41 55,352 --a------ C:\WINDOWS\system32\drivers\btwhid.sys
2008-07-19 09:07 . 2007-07-25 03:41 37,424 --a------ C:\WINDOWS\system32\drivers\btport.sys
2008-07-19 09:06 . 2008-07-19 09:06 7 --a------ C:\ISACER.id
2008-07-18 20:11 . 2008-07-18 20:11 <DIR> d-------- C:\Program Files\CONEXANT
2008-07-18 20:10 . 2008-04-14 07:42 129,536 --a------ C:\WINDOWS\system32\ksproxy.ax
2008-07-18 20:09 . 2008-08-07 16:23 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-07-18 20:09 . 2007-12-19 11:40 920,088 --a------ C:\WINDOWS\system32\igxpun.exe
2008-07-18 20:09 . 2006-11-10 08:25 319,456 --a------ C:\WINDOWS\system32\difxapi.dll
2008-07-18 20:09 . 2008-04-14 07:42 74,240 --a------ C:\WINDOWS\system32\usbui.dll
2008-07-18 20:09 . 2008-04-14 02:06 8,832 --a------ C:\WINDOWS\system32\drivers\wmiacpi.sys
2008-07-18 20:07 . 2008-07-26 23:34 <DIR> dr------- C:\Documents and Settings\All Users\Documents
2008-07-18 20:05 . 2006-12-22 07:56 988,800 --a------ C:\WINDOWS\system32\drivers\HSF_DPV.sys
2008-07-18 20:05 . 2006-12-22 07:55 730,112 --a------ C:\WINDOWS\system32\drivers\HSF_CNXT.sys
2008-07-18 20:05 . 2006-12-22 07:56 209,664 --a------ C:\WINDOWS\system32\drivers\HSFHWAZL.sys
2008-07-18 20:05 . 2006-12-20 13:37 176,128 --a------ C:\WINDOWS\system32\UCI32M16.dll
2008-07-18 20:05 . 2007-05-17 09:45 90,112 --a------ C:\WINDOWS\system32\snymsico.dll
2008-07-18 20:05 . 2007-05-17 09:45 42,496 --a------ C:\WINDOWS\system32\drivers\rimsptsk.sys
2008-07-18 20:05 . 2007-05-17 09:45 39,936 --a------ C:\WINDOWS\system32\drivers\rimmptsk.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-19 08:13 86,792 ----a-w C:\WINDOWS\system32\drivers\bdfndisf.sys
2008-07-18 16:20 --------- d-----w C:\Program Files\microsoft frontpage
2008-07-07 20:26 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-06-24 16:43 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-23 15:09 666,112 ----a-w C:\WINDOWS\system32\wininet.dll
2008-06-20 17:46 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-08 18:18 3,127 ----a-w C:\WINDOWS\system32\presetup.cmd
2008-06-08 18:18 28,672 ----a-w C:\WINDOWS\system32\setupold.exe
2008-05-09 10:53 90,112 ----a-w C:\WINDOWS\system32\wshext.dll
2008-05-09 10:53 430,080 ----a-w C:\WINDOWS\system32\vbscript.dll
2008-05-09 10:53 180,224 ----a-w C:\WINDOWS\system32\scrobj.dll
2008-05-09 10:53 172,032 ----a-w C:\WINDOWS\system32\scrrun.dll
2008-05-08 11:24 155,648 ----a-w C:\WINDOWS\system32\wscript.exe
2008-05-07 09:07 135,168 ----a-w C:\WINDOWS\system32\cscript.exe
2008-05-07 05:12 1,288,192 ----a-w C:\WINDOWS\system32\quartz.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 05:42 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-09-13 11:12 139264]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-02-06 18:24 21898024]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-08-01 15:11 68856]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 11:34 5724184]
"AdobeUpdater"="C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2008-07-26 13:28 2321600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2007-12-19 11:08 135168]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2007-12-19 11:08 159744]
"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2007-12-19 11:07 131072]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40 155648]
"BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [2007-10-09 15:46 61440]
"BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [2008-07-19 10:13 368640]
"RTHDCPL"="RTHDCPL.EXE" [2008-04-10 16:52 16861184 C:\WINDOWS\RTHDCPL.EXE]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 05:42 15360]
C:\Documents and Settings\Hum\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50 113664]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 01:48:20 40048]
Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 00:01:50 734872]
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-04-01 09:02:38 568176]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3fhg"= mp3fhg.acm
"msacm.divxa32"= divxa32.acm
"VIDC.X264"= x264vfw.dll
"VIDC.HFYU"= huffyuv.dll
"vidc.i263"= i263_32.drv
"VIDC.YV12"= yv12vfw.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Sports Interactive\\Football Manager 2008\\fm.exe"=
"C:\\Program Files\\VoipCheapCom\\VoipCheapCom.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\KONAMI\\Pro Evolution Soccer 2008\\BIHPL.exe"=
"C:\\Program Files\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
R0 iastor78;iastor78;C:\WINDOWS\system32\drivers\iastor78.sys [2008-06-08 20:09]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2008-07-19 10:13]
R3 usnjsvc;Messenger Sharing Folders USN Journal Reader service;C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 11:31]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan
.
- - - - ORPHANS REMOVED - - - -
BHO-{a37b3779-e4f3-424c-a495-a60ea8063476} - C:\WINDOWS\system32\RichVideoCodec.dll
.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.msn.com
R0 -: HKCU-Main,Search Page = hxxp://www.google.com
R0 -: HKCU-Main,Search Bar = hxxp://www.google.com/ie
R0 -: HKLM-Main,Default_Search_URL = hxxp://www.google.com/ie
R0 -: HKCU-Search,SearchAssistant = hxxp://www.google.com/ie
R1 -: HKCU-SearchURL,(Default) = hxxp://www.google.com/search?q=%s
R0 -: HKLM-Search,SearchAssistant = hxxp://www.google.com/ie
O8 -: I&zvoz u Microsoft Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 -: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-08-31 22:33:56
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2008-08-31 22:37:08 - machine was rebooted
ComboFix-quarantined-files.txt 2008-08-31 20:37:04
Pre-Run: 17,359,507,456 bytes free
Post-Run: 18,689,560,576 bytes free
259 --- E O F --- 2008-08-17 09:51:19